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Amendments to the Claims: 

This listing of claims will replace all prior version, and listings, of claims in the 
application: 

Listing of Claims: 

1-2. (canceled) 

3. (currently amended) The method of c l a i m 1 claim 24 , wherein the producing of 
the certificate occurs at an initial power-on of the platform. 

4. (currently amended) The method of claim 2 claim 24 , wherein the producing of 
th e c e rt i f i cat e operation of generating an attestation key pair comprises: 

loading, into the platform, boot code provided by an agent of an outside 

entity: 

booting the platform from the boot code stor e d i n a p l atform r e adab le 
m e d i um l oad e d by an provided by the agent; and 

after booting the platform from the boot code provided by the agent, 
executing an applet runn i ng w i th i n tho i solated area of tho system m e mory in 
isolated execution mode to generate the attestation key pair. 

5. (currently amended) The method of claim 4, wherein the producing of the 
certificate further comprises e ncrypt i ng th e pub li c att e stat i on k e y signing the 
certificate with a private key ho l d by tho agont of the outside entity . 

6. (currently amended) The method of daim-4- claim 24 , wherein the producing of 
the certificate comprises: 

e ncrypt i ng th e publ i c att e stat i on k e y us i ng signing the certificate with a private 
key held by an or i g i nal e quipm e nt a manufacturer of the platform. 



5 



09/538,951 



7. (currently amended) The nnethod of Gteim-4- claim 24 further comprising: 

receiving a challenge message from a remotely located platform, the 
challenge message including a nonce. 

8. (original) The method of claim 7 further comprising: 

generating a response message for transmission to the remotely located 
platform, the response message including the certificate, the nonce and a hash 
value of an audit log. 

9. (original) The method of claim 8, wherein the nonce and the hash value are 
signed with the private attestation key. 
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10. (currently amended) A platform comprising: 

a processor to operate selectively in on e of distinct modes including a normal 
execution mode and an isolated execution mode; 

an i nput/output contro l hub i n commun i cation w i th th e proc e ssor, th e 
i nput/output contro l hub to g e n e rat e an att e stat i on k e y pair and to stor e an aud i t l og 
b ei ng a li st i ng of data r e pr e s e nt i ng a p l ura li ty of softwar e modu le s l oad e d w i thin th e 
p l atform 

storage in communication with the processor the storage comprising a 
system memory to include an isolated area that is accessible only when the 
processor is operating in isolated execution mode: 

key generation instructions encoded in the storage, the key generation 
instructions to generate an attestation key pair for the platform while executing in 
isolated execution mode, wherein the attestation key pair comprises a private 
attestation key and a public attestation key: and 

a certificate in the storage, wherein the certificate attests that the platform 
uses isolated execution mode to protect the private key . 

1 1 . (currently amended) The platform of claim 10, wherein the p l ural i ty of softwar e 
modu le s i nc l ud e storage comprises a processor nub to execute in isolated execution 
mode and an operating system nub to execute in isolated execution mode . 

12. (original) The platform of claim 10 further comprising at least one input/output 
device allowing communications with a remotely located platform. 

13. (currently amended) The platform of claim 10 further compr i s i ng comprising: 

a device in communication with the processor; and 
a token link coupled to the i nput/output contro l hub device, the token link 
providing a communication path for a token. 

14. (currently amended) The platform of claim 13 wherein the token stores [[a]] the 
private attestation key of the attestation key pair. 
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15. (canceled) 

16. (currently amended) The platform of cla i m 15 claim 13 , wherein the device 
comprises a the protected memory inc l ud e s a plural i ty of s i ng le wr i t e , mult i pl e- r e ad 
control r e g i st e rs to hold an audit log of software modules loaded on the platform in 
isolated execution mode . 

17. (currently amended) The platform of c l a i m 15 claim 13 , wherein the device is 
an input/output control wh hub . 

18. (canceled) 

19. (currently amended) A method comprising: 

generating an attestation key pair for a platform : 

storing a private attestation key of the attestation key pair into isolated 
memory of the platform, the isolated memory being accessible to a processor of the 
platform only when the processor operates in isolated execution mode, wherein the 
isolated memory comprises hardware-protected memory; and 

producing a certificate including the public attestation key key, the certificate 
to attest that the platform stores the private attestation key i s stor e d in the hardwar e 
prot e ct e d isolated memory. 

20. (original) The method of claim 19, wherein the hardware-protected memory 
includes single-write, multiple-read control registers. 

21. (canceled) 

22. (original) The method of claim 19, wherein the producing of the certificate 
occurs at an initial power-on of the platform. 
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23. (currently amended) The method of claim 19, wherein the producing of th e 
c e rt i f i cat e operation of generating an attestation key pair comprises: 

booting [[a]] the platform i nclud i ng tho hardwar e prot e ct e d memory from code 
s tor e d i n a r e adab le m e d i um l oad e d provided by an agent of an outside entity ; and 

e x e cut i ng an app le t stor e d i n th e hardwar e- prot e ct e d m e mon/ using the code 
provided by the agent to generate the attestation key pair. 

24. (new) A method comprising: 

generating an attestation key pair in a platform that supports isolated 
execution mode, wherein the platform comprises a processor capable of operating 
in isolated execution mode and a system memory to include an isolated area that is 
accessible only when the processor is operating in isolated execution mode, and 
wherein the attestation key pair includes a private attestation key and a public 
attestation key; and 

producing a certificate for the platform to attest that the platform uses isolated 
execution mode to protect the private key. 
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